path: root/src/crypto/sha1-internal.c
Commit message (Collapse)AuthorAgeFilesLines
* More forceful clearing of stack memory with keysJouni Malinen2019-05-261-2/+2
| | | | | | | | | | | | gcc 8.3.0 was apparently clever enough to optimize away the previously used os_memset() to explicitly clear a stack buffer that contains keys when that clearing happened just before returning from the function. Since memset_s() is not exactly portable (or commonly available yet..), use a less robust mechanism that is still pretty likely to prevent current compilers from optimizing the explicit clearing of the memory away. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove trailing whitespaceJouni Malinen2016-12-281-4/+4
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove unnecessary cleanup assignment in SHA1Final()Jouni Malinen2015-12-281-1/+0
| | | | | | | | | | | This makes some static analyzers complain about stored value never being read. While it is good to clear some other temporary variables, this local variable i has no security private information (it has a fixed value of 20 here) and trying to clear it to 0 does not add any value. Remove that part of the "wipe variables" to avoid one useless static analyzer complaint. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add TEST_FAIL() support for internal hash functionsJouni Malinen2015-11-291-0/+3
| | | | | | | | | md4_vector(), md5_vector(), sha1_vector(), and sha256_vector() already supported TEST_FAIL() with the OpenSSL crypto implementation, but the same test functionality is needed for the internal crypto implementation as well. Signed-off-by: Jouni Malinen <j@w1.fi>
* Use internal FIPS 186-2 PRF if neededJouni Malinen2014-03-111-0/+2
| | | | | | | | | | | | Previously, EAP-SIM/AKA/AKA' did not work with number of crypto libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF function was not implemented. This resulted in somewhat confusing error messages since the placeholder functions were silently returning an error. Fix this by using the internal implementation of FIP 186-2 PRF (including internal SHA-1 implementation) with crypto libraries that do not implement this in case EAP-SIM/AKA/AKA' is included in the build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix strict aliasing issue with the internal SHA-1 implementationJouni Malinen2009-11-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | Need to define the workspace buffer properly to allow compiler to handle strict aliasing between the incoming unsigned char[64] buffer as an u32 array. The previous version built with strict aliasing enabled can result in SHA-1 producing incorrect results and consequently, with 4-way handshake failing. This is based on a report and patch from Dan Williams <dcbw@redhat.com> but with a different type (the union) used as a fix to avoid needing extra type casting. Discovered as part of the investigation of: https://bugzilla.redhat.com/show_bug.cgi?id=494262#c32 if sha1 is built with gcc without turning off strict aliasing, it will fail to correctly generate the hashes and will fail its own testcases as well. Signed-off-by: Dan Williams <dcbw@redhat.com>
* Move shared MD5/SHA-1 internal definitions into header filesJouni Malinen2009-10-171-6/+0
* Make hash functions return error valueJouni Malinen2009-08-161-2/+3
| | | | | | | Some crypto libraries can return in these functions (e.g., if a specific hash function is disabled), so we better provide the caller a chance to check whether the call failed. The return values are not yet used anywhere, but they will be needed for future changes.
* Remove some more crypto ifdef, fix a few small bugsJohannes Berg2009-08-131-5/+1
* Crypto build cleanup: remove NEED_FIPS186_2_PRFJohannes Berg2009-08-111-58/+2
| | | | | Instead of using a define and conditional building of crypto wrapper parts, move the FIPS 186-2 PRF implementation into separate files.
* Crypto build cleanup: remove INTERNAL_SHA1Johannes Berg2009-07-281-0/+373
Instead of using a define and conditional building of sha1.c parts, move the internal-SHA-1 into a separate file.